CVE-2023-52754

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> media: imon: fix access to invalid resource for the second interface<br /> <br /> imon driver probes two USB interfaces, and at the probe of the second<br /> interface, the driver assumes blindly that the first interface got<br /> bound with the same imon driver. It&amp;#39;s usually true, but it&amp;#39;s still<br /> possible that the first interface is bound with another driver via a<br /> malformed descriptor. Then it may lead to a memory corruption, as<br /> spotted by syzkaller; imon driver accesses the data from drvdata as<br /> struct imon_context object although it&amp;#39;s a completely different one<br /> that was assigned by another driver.<br /> <br /> This patch adds a sanity check -- whether the first interface is<br /> really bound with the imon driver or not -- for avoiding the problem<br /> above at the probe time.